/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/tests/regression/tests/REQUEST-921-PROTOCOL-ATTACK
--- meta: author: "Christian S.J. Peron" enabled: true name: "921140.yaml" description: "Tests for protocol based attacks" tests: - test_title: 921140-1 desc: "HTTP Header Injection Attack via headers" stages: - stage: input: dest_addr: "127.0.0.1" method: "GET" port: 80 headers: Host: "localhost" SomeHeader: "Headerdata\rInjectedHeader: response_splitting_code" uri: "/" output: status: [400] no_log_contains: "id:921140" - test_title: 921140-2 desc: "HTTP Header Injection Attack via headers" stages: - stage: input: dest_addr: "127.0.0.1" method: "GET" port: 80 headers: Host: "localhost" SomeHeader: "Headerdata%0dInjectedHeader: response_splitting_code" uri: "/" output: no_log_contains: "id:921140"
.
Edit
..
Edit
921110.yaml
Edit
921120.yaml
Edit
921130.yaml
Edit
921140.yaml
Edit
921150.yaml
Edit
921160.yaml
Edit
921190.yaml
Edit
921200.yaml
Edit
921230.yaml
Edit
921421.yaml
Edit
921422.yaml
Edit